PLANNING AN AUDIT OF FINANCIAL STATEMENTS (PSA 300)

1. Planning an audit involves:

• establishing the overall audit strategy for the engagement; and

• developing an audit plan.

Preliminary Engagement Activities

2. The auditor shall perform the following activities at the beginning of the current audit
engagement:

• Perform procedures regarding the continuance of the client relationship and

the specific audit engagement.
• Evaluate compliance with ethical requirements, including independence.
• Establish an understanding of the terms of the engagement.

Planning Activities

3. The auditor shall establish an overall audit strategy for the audit. The overall audit
strategy sets the scope, timing and direction of the audit, and guides the
development of the more detailed audit plan.

4. The establishment of the overall audit strategy involves:

a) Determining the characteristics of the engagement that define its scope;
b) Ascertaining the reporting objectives of the engagement to plan the timing of the
audit and the nature of the communications required;
c) Considering the important factors that will determine the focus of the
engagement team’s efforts;
d) Considering the results of preliminary engagement activities and, where
applicable, whether knowledge gained on other engagements performed by the
engagement partner for the entity is relevant; and
e) Ascertaining the nature, timing and extent of resources necessary to perform the
engagement.

5. The auditor shall develop an audit plan that shall include a description of:
a) The nature, timing and extent of planned risk assessment procedures, as
determined under PSA 315.
b) The nature, timing and extent of planned further audit procedures at the assertion
level, as determined under PSA 330.
c) Other planned audit procedures that are required to be carried out so that the
engagement complies with PSAs.

Changes to Planning Decisions During the Course of the Audit

The overall audit strategy and the audit plan shall be updated and changed as
necessary during the course of the audit.

Page 1
Direction, Supervision and Review

1. The auditor shall plan the nature, timing and extent of direction and supervision of
engagement team members and review their work.

2. The nature, timing and extent of the direction and supervision of engagement team
members and review of their work vary depending on many factors, including:
• The size and complexity of the entity;
• The area of the audit;
• The risks of material misstatement; and
• The capabilities and competence of the individual team members performing
the audit work.

3. The auditor plans the nature, timing and extent of direction and supervision of
engagement team members based on the assessed risk of material misstatement.

Documentation

The auditor shall document the overall audit strategy and the audit plan, including any
significant changes made during the audit engagement.

Additional Considerations in Initial Audit Engagements

The auditor shall perform the following activities prior to starting an initial audit:
1. Perform procedures regarding the acceptance of the client relationship and the
specific audit engagement.
2. Communicate with the previous auditor, where there has been a change of auditors,
in compliance with relevant ethical requirements.

PSA 315 (Revised 2019)

IDENTIFYING AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT

1. The objective of the auditor is to

• identify and assess the risks of material misstatement, whether due to fraud or
error, at the financial statement and assertion levels
• thereby providing a basis for designing and implementing responses to the
assessed risks of material misstatement.

2. The auditor shall design and perform risk assessment procedures to obtain audit
evidence that provides an appropriate basis for:

a) the identification and assessment of risks of material misstatement, whether due

to fraud or error,
• at the financial statement
• and assertion levels; and

b) the design of further audit procedures in accordance with PSA 330.

3. The risk assessment procedures shall include the following:
a) Inquiries of management and of other appropriate individuals within the entity,
including individuals within the internal audit function (if the function exists).
b) Analytical procedures.

Page 2
 c) Observation and inspection.

4. Information from Other Sources

In obtaining audit evidence by performing risk assessment procedures, the auditor shall
consider information from:
a) The auditor’s procedures regarding acceptance and continuance of the
client relationship of the audit engagement; and
b) When applicable, other engagements performed by the engagement partner
for the entity.

5. Engagement Team Discussion

• The engagement partner and other key engagement team members shall discuss
the application of the applicable financial reporting framework and the
susceptibility of the entity’s financial statements to material misstatement.

• When there are engagement team members not involved in the engagement
team discussion, the engagement partner shall determine which matters are to
be communicated to those members.

6. Obtaining an Understanding of the Entity and its Environment, the Applicable

Financial Reporting Framework and the Entity’s System of Internal Control

• The auditor shall perform risk assessment procedures to obtain an understanding

of:

a) The following aspects of the entity and its environment:

i. The entity’s organizational structure, ownership and governance, and
its business model, including the extent to which the business model
integrates the use of IT;
ii. Industry, regulatory and other external factors;
iii. The measures used, internally and externally, to assess the entity’s
financial performance;

b) The applicable financial reporting framework, and the entity’s accounting

policies and the reasons for any changes thereto;

c) How inherent risk factors affect susceptibility of assertions to misstatement and

the degree to which they do so, in the preparation of the financial statements
in accordance with the applicable financial reporting framework.

• The auditor shall evaluate whether the entity’s accounting policies are
appropriate and consistent with the applicable financial reporting framework.

INTERNAL CONTROL

1. Internal control is the process designed, implemented and maintained by those

charged with governance, management and other personnel to provide reasonable
assurance about the achievement of an entity’s objectives with regard to:

• Reliability of financial reporting;

• Effectiveness and efficiency of operations; and
• Compliance with applicable laws and regulations.

Page 3
2. When obtaining an understanding of controls that are relevant to the audit, the
auditor shall:
• evaluate the design of those controls; and
• determine whether they have been implemented by performing
procedures in addition to inquiry of the entity’s personnel.

COMPONENTS OF INTERNAL CONTROL

1. Control Environment

The control environment includes the governance and management functions and
the attitudes, awareness, and actions of those charged with governance and
management concerning the entity’s internal control and its importance in the entity.

Elements of control environment:

a) Communication and enforcement of integrity and ethical values.
b) Commitment to competence.
c) Participation by those charged with governance.
d) Management’s philosophy and operating style.
e) Organizational structure.
f) Assignment of authority and responsibility.
g) Human resource policies and practices.

The auditor shall obtain an understanding of the control environment. As part of

obtaining this understanding, the auditor shall evaluate whether:
a) Management, with the oversight of those charged with governance, has
created and maintained a culture of honesty and ethical behavior; and
b) The strengths in the control environment elements collectively provide an
appropriate foundation for the other components of internal control, and
whether those other components are not undermined by deficiencies in
the control environment.

2. The Entity’s Risk Assessment Process

The auditor shall obtain an understanding of whether the entity has a process for:
a) Identifying business risks relevant to financial reporting objectives;
b) Estimating the significance of the risks;
c) Assessing the likelihood of their occurrence; and
d) Deciding about actions to address those risks.

3. The information system, including the related business processes, relevant to financial
reporting, and communication

The auditor shall obtain an understanding of the information system, including the
related business processes, relevant to financial reporting, including the following
areas:
 The classes of transactions in the entity’s operations that are significant to the
financial statements.
 The procedures, within both IT and manual systems, by which those
transactions are initiated, recorded, processed, corrected as necessary,
transferred to the general ledger and reported in the financial statements.

Page 4
  The related accounting records, whether electronic or manual, supporting
information, and specific accounts in the financial statements that are used to
initiate, record, process and report transactions; this includes the correction of
incorrect information and how information is transferred to the general ledger.
 How the information system captures events and conditions, other than
transactions, that are significant to the financial statements.
 The financial reporting process used to prepare the entity’s financial
statements, including significant accounting estimates and disclosures.
 Controls surrounding journal entries, including non-standard journal entries
used to record non-recurring, unusual transactions or adjustments.

The auditor shall obtain an understanding of how the entity communicates financial
reporting roles and responsibilities and significant matters relating to financial
reporting, including:
 Communications between management and those charged with
governance; and ➢ External communications, such as those with regulatory
authorities.

4. Control activities relevant to the audit

• Control activities are the policies and procedures to help ensure that
management directives are carried out. Examples of control activities include
those relating to the following:
 Authorization
 Performance reviews
 Information processing
 Physical controls
 Segregation of duties

• The auditor shall obtain a sufficient understanding of control activities to:

 Assess the risks of material misstatement at the assertion level; and ➢ Design
further audit procedures responsive to assessed risks.

5. Monitoring of controls

• Monitoring of controls involves assessing the design and operation of controls on

a timely basis and taking the necessary corrective actions modified for changes
in conditions.

• The auditor shall obtain an understanding of the major activities that the entity
uses to monitor internal control over financial reporting, including those related to
those control activities relevant to the audit, and how the entity initiates remedial
actions to deficiencies in its controls.
• If the entity has an internal audit function, the auditor shall obtain an
understanding of the following in order to determine whether the internal audit
function is likely to be relevant to the audit:
a. The nature of the internal audit function’s responsibilities and how the
internal audit function fits in the entity’s organizational structure; and
b. The activities performed, or to be performed, by the internal audit function.

• The auditor shall obtain an understanding of the sources of the information used
in the entity’s monitoring activities, and the basis upon which management
considers the information to be sufficiently reliable for the purpose.

Page 5
 MULTIPLE CHOICE QUESTIONS

1. Which of the following factors most likely would cause an auditor to decline a new
audit engagement?
A. Concluding that the entity’s management probably lacks integrity.
B. An inability to perform preliminary analytical procedures before assessing control
risk.
C. An inadequate understanding of the entity’s internal control.
D. The close proximity to the end of the entity’s reporting period.

2. Before accepting an audit engagement, a successor auditor should make specific

inquiries of the predecessor auditor regarding
A. The predecessor’s assessment of inherent risk and judgments about materiality.
B. The degree of cooperation the predecessor received concerning the inquiry of
the client’s lawyer.
C. The predecessor’s evaluation of matters of continuing accounting significance.
D. Disagreements the predecessor had with the client concerning auditing
procedures and accounting principles.

3. Adequate planning of the audit work helps to ensure that

A B C D
• Appropriate attention is devoted to important areas
of the audit Yes No Yes No
• Potential problems are identified Yes Yes Yes No
• The work is completed expeditiously No Yes Yes No

4. Which of the following matters should be considered by the auditor in developing

the overall audit strategy?
A. Important characteristics of the entity, its business, its financial performance and
its reporting requirements including changes since the date of the prior audit.
B. Conditions requiring special attention, such as the existence of related parties.
C. The setting of materiality levels for audit purposes.
D. All of the above.

5. An auditor should design the audit plan so that

A. All material transactions will be selected for substantive testing.
B. Substantive tests prior to the balance sheet date will be minimized.
C. The audit procedures selected will achieve specific audit objectives.
D. Each account balance will be tested under either tests of controls or tests of
transactions.

6. Audit plans should be designed so that

A. Most of the required procedures can be performed as interim work.
B. Inherent risk is assessed at a sufficiently low level.
C. The auditor can make constructive suggestions to management.
D. The audit evidence gathered supports the auditor’s conclusions.

7. An auditor most likely obtains an understanding of a new client to

A. Make constructive suggestions concerning improvements to the client’s internal
control.
B. Develop an attitude of professional skepticism concerning management’s
financial statement assertions.

Page 6
 C. Evaluate whether the aggregation of known misstatements causes the financial
statements taken as a whole to be materially misstated. D. Identify areas of audit
emphasis.

8. Which of the following procedures is the auditor most likely to perform after
accepting an initial audit engagement?
A. Prepare a rough draft of the financial statements and of the auditor’s report.
B. Assess control risk for the assertions embodied in the financial statements.
C. Tour the client’s facilities.
D. Consult with and review the work of the predecessor auditor prior to discussing
the engagement with the client management.

9. To obtain an understanding of a continuing client’s business, an auditor most likely

would A. Perform tests of details of transactions and balances.
B. Read internal audit reports.
C. Read specialized industry journals.
D. Reevaluate the risks of material misstatement.
Review prior year working papers and the permanent file for the client.
10. The objective of performing analytical procedures as risk assessment procedures in
an audit is to identify
A. Unusual transactions and events.
B. Noncompliance with laws and regulations that went undetected because of
internal control weaknesses.
C. Relate party transactions.
D. Recorded transactions that were properly authorized.

11. A measure of how willing the auditor is to accept that the financial statements may
be materially misstated after the audit is completed and an unmodified opinion has
been issued is the
A. Inherent risk. C. Control risk.
B. Acceptable audit risk. D. Detection risk.

12. Which of the following audit risk components may be assessed in quantitative terms?
Inherent Risk Control Risk Detection Risk
A. Yes No Yes
B. Yes Yes Yes
C. No No No
D. No No Yes

13. A measure of the auditor’s assessment of the likelihood that there are material
misstatements in an account before considering the effectiveness of the client’s
internal control is called
A. Audit risk C. Inherent risk
B. Detection risk D. Control risk

14. Assessing control risk at a low level most likely would involve
A. Performing more extensive substantive tests with larger sample sizes
than originally planned.
B. Reducing inherent risk for most of the assertions relevant to significant
account balances.
C. Changing the timing of substantive tests by omitting interim-date
testing and performing the tests at year-end.
D. Identifying specific controls relevant to specific assertions.

15. An auditor assesses control risk because it

A. Is relevant to the auditor’s understanding of the control environment.

Page 7
 B. Provides assurance that the auditor’s materiality levels are
appropriate.
C. Indicates to the auditor where inherent risk may be the greatest.
D. Affects the level of detection risk that the auditor may accept.

16. Which of the following is not a step in an auditor’s assessment of control risk? A.
Evaluate the effectiveness of internal control with tests of controls.
B. Obtain an understanding of the entity’s information system and control
environment.
C. Perform tests of details of transactions to detect material misstatements in the
financial statements.
D. Consider whether controls can have a pervasive effect on financial statement
assertions.

17. It is the process designed and effected by those charged with governance,
management, and other personnel to provide reasonable assurance about the
achievement of the entity’s objectives.
A. Internal auditing C. Business strategy
B. Internal control C. Accounting process

18. Which of the following is not one of the three primary objectives of effective internal
control?
A. Reliability of financial reporting.
B. Efficiency and effectiveness of operations.
C. Compliance with laws and regulations.
D. Assurance of elimination of business risk.

19. In an audit of financial statements, an auditor’s primary consideration regarding an

internal control is whether the control
A. Reflects management’s philosophy and operating style.
B. Affects management’s financial statement assertions.
C. Provides adequate safeguards over access to assets.
D. Relates to operational activities.

20. Which of the following are considered control environment elements?

Commitment Detection Organizational
to Competence Risk Structure
A. No Yes No
B. Yes Yes Yes
C. Yes No Yes
D. No No Yes

21. Which of the following statements concerning the relevance of various types of
controls to a financial statement audit is correct?
A. All controls are ordinarily relevant to a financial statement audit.
B. Controls over safeguarding of assets and liabilities are of primary
importance, while controls over the reliability of financial reporting
may also be relevant.
C. Controls over the reliability of financial reporting are ordinarily most
directly relevant to a financial statement audit, but other controls may
also be relevant.
D. An auditor may ordinarily ignore a consideration of controls when a
substantive audit approach is taken.

22. The components of internal control include

A. Monitoring of controls that sets the tone of the organization.

Page 8
 B. A process of managing risks relevant to preparing financial
statements.
C. A control environment consisting of policies and procedures to help
ensure that management directives are carried out.
D. Control activities that identify, capture, and exchange information.

23. An auditor should consider two key issues when obtaining an understanding of a
client’s internal controls. These issues are
A. The effectiveness and efficiency of the controls.
B. The frequency and effectiveness of the controls.
C. The design and implementation of the controls.
D. The implementation and efficiency of the controls.

24. Which of the following statements is most correct with respect to separation of
duties? A. Employees should not have temporary and permanent custody of assets.
B. Employees who authorize transactions should not have custody of related assets.
C. It is permissible to allow an employee to open cash receipts and record those
receipts.
D. Employees who authorize transactions should have recording responsibility for
these transactions.
25. Authorizations can be either general or specific. Which of the following is not an
example of a general authorization?
A. Automatic reorder points for raw materials inventory.
B. A sales manager’s authorization for a sales return.
C. Credit limits for various classes of transactions.
D. A sales price list for merchandise.

26. When obtaining knowledge about an entity’s internal control, it is important for the
auditor to consider the competence of its employees, because their competence
bears directly and importantly upon the
A. Cost-benefit relationship of internal control.
B. Comparison of recorded accountability with assets.
C. Achievement of the objectives of internal control.
D. Timing of substantive tests to be performed.

27. Control activities are the policies and procedures that help ensure that
management directives are carried out. These include activities relating to
authorization, performance reviews, information processing, physical controls, and
segregation of duties. There is proper segregation of duties when an individual who
A. Records a transaction does not compare the accounting record of
the asset with the asset itself.
B. Authorizes a transaction records it.
C. Authorizes a transaction maintains custody of the asset that resulted
from the transaction.
D. Maintains custody of an asset has access to the accounting records
for the asset.

28. An auditor should obtain sufficient knowledge of an entity’s information system,

including the related business processes relevant to financial reporting, to
understand the A. Policies used to detect the concealment of fraud.
B. Process used to prepare significant accounting estimates.
C. Safeguards used to limit access to computer facilities.
D. Procedures used to assure proper authorization of transactions.

Page 9
29. The primary objective of procedures performed to obtain an understanding of
internal control is to provide an auditor with A. Knowledge necessary to plan the
audit.
B. A basis for modifying tests of controls.
C. Information necessary to prepare flowcharts.
D. Evidence to use in reducing detection risk.

30. In obtaining an understanding of internal control relevant to the audit, an auditor is

required to obtain knowledge about the
A. Effectiveness of controls that have been implemented.
B. Consistency with which controls are currently being applied.
C. Design of the controls pertaining to internal control components.
D. Controls related to each class of transactions and account balance.

31. After considering a client’s internal controls, an auditor has concluded that it is well
designed and is functioning as intended. Under these circumstances the auditor
would most likely A. Perform tests of controls to the extent outlined in the audit
program.
B. Determine the control procedures that should prevent or detect errors and
fraud.
C. Not increase the extent of predetermined substantive tests.
D. Determine whether transactions are recorded to permit preparation of financial
statements in accordance with PFRS.

32. Audit evidence concerning proper segregation of duties normally is best obtained
by A. Direct personal observation of the employee who applies control procedures.
B. Making inquiries of co-workers about the employee who applies control
procedures.
C. Preparation of a flowchart of duties performed and available personnel.
D. Inspection of third-party documents containing the initials of who applied control
procedures.

33. In conducting an audit in accordance with PSAs, the auditor is required to identify
and assess the risks of material misstatement at the financial statement level, and at
the assertion level for classes of transactions, account balances, and disclosures.
Some of these risks, in the auditor’s judgment, require special audit consideration,
such as those that involve fraud or complex transactions. Such risks are called
A. Business risks
B. Audit risks
C. Significant risks
D. Material risks

34. As a result of obtaining an understanding of an entity’s internal control system, the

auditor may become aware of material weaknesses in the design or implementation
of internal control. The auditor is required to communicate this matter to
A. Those charged with governance or management
B. Chief executive officer
C. Securities and Exchange Commission
D. Board of Accountancy

35. Which of the following controls most likely would provide reasonable assurance that
all credit sales transactions of an entity are recorded?
A. The accounting department supervisor controls the mailing of
monthly statements to customers and investigates any differences
reported by customers.

Page 10
 B. The accounting department supervisor independently reconciles, on
a monthly basis, the accounts receivable subsidiary ledger to the
accounts receivable control account.
C. The billing department supervisor matches prenumbered shipping
documents with entries in the sales journal.
D. The billing department supervisor sends copies of approved sales
orders to the credit department for comparison to authorized credit
limits and current customer account balances.

36. An auditor tests an entity’s policy of obtaining credit approval before shipping goods
to customers in support of management’s financial statement assertion of A.
Valuation.
B. Completeness.
C. Occurrence.
D. Rights and obligations.

37. Macho Dancer Company uses its sales invoices for posting perpetual inventory
records. Inadequate internal control over the invoicing function allows goods to be
shipped but not invoiced. The inadequate controls could cause what type of
misstatement in each of the following accounts?
Revenues Receivables Inventories
A. Understatement Understatement Understatement B. Overstatement
Overstatement Understatement
C. Understatement Understatement Overstatement
D. Overstatement Overstatement Overstatement

38. Which of the following control activities in an entity’s revenue/receipt cycle would
provide reasonable assurance that all billed sales are correctly posted to the
accounts receivable ledger?
A. Each shipment of goods on credit is supported by a prenumbered sales invoice.
B. The accounts receivable subsidiary ledger is reconciled daily to the accounts
receivable control account in the general ledger.
C. Daily sales summaries are compared to daily postings to the accounts
receivable ledger.
D. Each sales invoice is supported by a prenumbered shipping document.
39. The auditor’s primary objective in obtaining an understanding of the client’s controls
over the purchasing function is to
A. Investigate the recording of unusual transactions regarding raw materials.
B. Determine the reliability of financial reporting by the purchasing function.
C. Observe the annual physical count.
D. Ascertain that raw materials paid for are on hand.

40. Effective controls relevant to purchasing of raw materials should usually include all
of the following, except
A. Determining the need for the raw materials prior to preparing the purchase
order.
B. Systematic reporting of product changes that will affect raw materials.
C. Obtaining financial approval prior to making a commitment.
D. Obtaining third-party written quality and quantity reports prior to payment for
the raw materials.

41. Which of the following controls is not usually performed in the accounts payable
department?
A. Indicating on the voucher the affected asset and expense accounts to be
debited.

Page 11
 B. Approving vouchers for payment by having an authorized employee sign the
vouchers.
C. Accounting for unused prenumbered purchase orders and receiving reports.
D. Matching the vendor’s invoice with the related purchase requisition, purchase
order, and receiving report.

42. The following are appropriate questions on an internal control questionnaire

concerning purchase transactions, except
A. Are all goods received in a centralized receiving department and counted,
inspected, and compared with purchase orders on receipt?
B. Are intact cash receipts deposited daily in the bank?
C. Are prenumbered purchase orders and receiving reports used and accounted
for?
D. Are an approved purchase requisition and a signed purchase order required for
each purchase?

43. Which of the following is of least concern to an auditor in assessing the risks of
material misstatement?
A. Signed checks are distributed by the controller to approved payees.
B. Checks are signed by one person.
C. Cash receipts are not deposited intact daily.
D. Treasurer does not verify the names and addresses of check payees.

44. To provide assurance that each voucher is submitted and paid only once, an auditor
most likely would examine a sample of paid vouchers and determine whether each
voucher is A. Supported by a vendor’s invoice.
B. Stamped “paid” by the check signer.
C. Prenumbered and accounted for.
D. Approved for authorized purchases.

45. Which of the following is an essential control procedure to ensure the accuracy of
the recorded inventory quantities?
A. Calculating unit costs and valuing obsolete or damaged inventory items in
accordance with inventory policy.
B. Testing inventory extensions.
C. Performing a gross profit test.
D. Establishing a cutoff for goods received and shipped.

46. Effective internal controls over inventories are designed and implemented for the
following reasons, except
A. Inventories typically represent a large component of an entity’s current assets.
B. Inventories are the most liquid asset.
C. Inventories directly affect the financial performance of an entity.
D. Inventories typically represent a large portion of an entity’s total assets.

47. An auditor generally tests the segregation of duties related to inventory by A.

Personal inquiry and observation.
B. Test counts and cutoff procedures.
C. Analytical procedures and invoice recomputation.
D. Document inspection and reconciliation.

48. Your client, a merchandising concern, has annual sales of P30,000,000 and a 40%
gross profit rate. Tests reveal that 2% of the peso amount of purchases do not get
into inventory because of breakage and inventory pilferage by employees. The
company estimates that these losses could be reduced to 0.5% of purchases by

Page 12
 designing and implementing certain controls costing approximately P350,000.
Should the controls be designed and implemented?
A. Yes, regardless of cost-benefit considerations, because the situation involves
employee theft.
B. Yes, because the ideal system of internal control is the most extensive one.
C. No, because the cost of designing and implementing the added controls
exceeds the projected savings.
D. Yes, because the expected benefits to be derived exceed the cost of the
added controls.

49. Which of the following controls most likely would be implemented to achieve the
production cycle control objective of maintaining accurate inventory records?
A. Periodic inventory counts are used to adjust the perpetual inventory records.
B. A just-in-time inventory ordering system keeps inventory levels to a desired
minimum.
C. Perpetual inventory records are periodically compared with the net realizable
value of individual inventory items.
D. Purchase requisitions, receiving reports, purchase orders, and vendor invoices
are independently matched before payment is approved.

50. An internal control objective concerning property, plant, and equipment (PPE)
acquisitions is that they be recorded at the correct amounts and in the proper
period, and properly classified. In which of the following conditions would an auditor
most likely assess a high level of risk of material misstatement?
A. All material acquisitions of PPE are required to be approved by the board of
directors.
B. Most additions are self-constructed by the entity.
C. Recently acquired loans include covenants that preclude further plant
acquisitions for 5 years.
D. Gross PPE increased 30% during the current period.

51. Which of the following controls would an entity most likely use in safeguarding
against the loss of trading securities?
A. The independent auditor traces all purchases and sales of trading securities
through the subsidiary ledgers to the general ledger.
B. An independent trust company that has no direct contact with the employees
who have record-keeping responsibilities has possession of the securities.
C. The internal auditor inspects the trading securities in the entity’s safe each year
on the balance sheet date.
D. A designated member of the board of directors controls the securities in a bank
safedeposit box.

52. The following controls are designed to protect investment securities, except
A. Investment securities should be properly controlled physically in order to prevent
unauthorized usage.
B. Custody over investment securities should be limited to personnel having record-
keeping responsibility over the securities.
C. Securities should be registered in the entity’s name.
D. Access to securities should be vested in two individuals.
53. Effective controls over the payroll function may include
A. Custody of rate authorization records by the supervisor of the payroll
department.
B. Preparation of payroll transaction journal entries by an employee who reports to
the supervisor of the personnel department.
C. Verification of agreement of job time tickets with employee clock card hours by
a payroll department employee.

Page 13
 D. Reconciliation of totals on job time tickets with job reports by employees
responsible for those specific jobs.

54. Employees of a manufacturing entity are often required to use time cards and job
time tickets. Which of the following statements concerning the use of these
documents is incorrect?
A. Time reported on job time tickets should be reconciled to time cards.
B. Payroll should be calculated based on job time tickets.
C. Each employee should have only one time card.
D. An employee may have one or many job time tickets in a day.

55. Which of the following personnel department procedures reduces the risk of payroll
fraud and represents an appropriate responsibility for the department?
A. Authorizing the addition or deletion of employees from the payroll.
B. Authorizing overtime hours.
C. Collection and retention of unclaimed paychecks.
D. Distributing paychecks.

--- END --

Page 14